Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json)
Hash identifier: REtzBfuVSuoAsOjP188X4Fyp0GQyGsPbwVFlKrnaDCM=
Subject key identifier: ED:1E:F4:DC:40:2B:44:7F:ED:EE:54:69:35:EE:77:16:24:03:D4:B6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5CC286E2DF23173FB12A3FB07F1365830A1CBC97
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
Signing time: Tue 21 Oct 2025 14:40:38 +0000
ROA not before: Tue 21 Oct 2025 14:40:38 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:c2:86:e2:df:23:17:3f:b1:2a:3f:b0:7f:13:65:83:0a:1c:bc:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:38 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=e07e337ff91b0d711df1d03e2134d418a213c08e4f39b803b1de5220ae522654, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9c:82:28:f7:c5:ea:b8:ce:e1:13:cb:1c:29:
53:ea:f5:dc:ba:eb:d6:b2:79:b6:51:24:d2:86:88:
ed:88:0d:af:fb:e6:b6:9d:ed:09:40:6c:8b:5b:7f:
24:57:72:f9:8d:91:bc:f9:63:d1:2b:9a:ac:ec:8a:
f3:c3:80:43:63:6e:f2:f2:54:7e:bc:24:f5:6b:03:
b5:72:b6:11:2d:27:cb:08:80:8e:9e:27:10:92:e6:
0c:de:cd:bf:fb:a6:84:35:29:b4:10:04:f1:9e:ab:
f3:7e:21:a5:23:5e:e2:cd:e6:db:d7:ad:c1:ba:f5:
7a:15:e4:dd:91:60:b5:b2:5b:bf:00:e6:61:14:dc:
82:20:33:a9:59:3f:e0:e8:e3:92:44:56:93:d5:3f:
2e:61:6c:5d:2a:36:c2:1b:95:a1:1d:38:74:d7:d9:
4f:80:0b:d9:e6:90:cb:c1:fa:36:43:b2:96:40:8f:
f7:5b:51:35:16:9f:77:8b:08:85:f7:ca:c3:65:24:
7c:c7:db:31:bf:bc:dc:a2:69:41:1f:10:ba:81:02:
d1:68:79:0d:74:25:a3:b8:5f:a7:5c:ec:69:8c:73:
ba:1f:b4:d8:f1:7c:c7:8a:85:ed:a3:46:bd:aa:45:
6b:c9:6e:71:8e:ba:25:a7:70:ba:29:f8:77:54:55:
b5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:1E:F4:DC:40:2B:44:7F:ED:EE:54:69:35:EE:77:16:24:03:D4:B6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
57:82:a4:be:54:28:30:6b:5b:74:20:71:89:20:9b:ab:29:ad:
0a:ff:39:fe:59:6b:2e:e3:28:c9:8e:ec:57:a0:58:48:0b:f4:
fa:1c:9e:95:17:f6:01:fa:0e:b2:dd:80:1a:a8:c9:21:ab:d7:
e7:95:bf:24:56:37:04:8a:ff:e7:b4:4c:77:44:68:4a:18:53:
f2:ce:e2:f9:4b:b6:e4:d9:31:86:40:10:03:9f:41:eb:be:d3:
3c:40:71:04:52:91:c4:75:54:da:cc:31:0c:2e:fe:17:6c:13:
5d:cc:3b:28:0c:f4:4d:8d:4c:19:cf:38:46:3d:7f:da:ea:12:
d7:23:fb:c9:5c:af:23:95:64:1f:18:8f:32:63:2a:15:e6:5e:
72:de:60:03:67:db:eb:38:2e:87:05:03:0a:32:98:99:65:ff:
30:bd:b8:5c:d6:dd:ad:17:b8:a1:f9:9e:6d:c2:7f:fd:4a:1c:
29:99:d0:80:43:8a:69:e7:cb:08:4c:e7:ec:f9:3e:11:9a:70:
b3:24:6e:2d:eb:88:25:67:40:0f:b2:57:37:39:0e:2d:1f:86:
e1:46:7d:69:5b:03:36:54:24:a6:ca:a7:79:8e:ac:bd:8a:53:
93:29:99:47:7a:a6:9a:28:ce:c9:65:52:ac:ab:b7:f1:33:4b:
bc:15:0e:cd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXMKG4t8jFz+xKj+wfxNlgwocvJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMzhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwN2UzMzdmZjkxYjBkNzExZGYxZDAzZTIxMzRkNDE4YTIxM2MwOGU0ZjM5
YjgwM2IxZGU1MjIwYWU1MjI2NTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMicgij3xeq4zuETyxwpU+r13Lrr1rJ5tlEk0oaI7YgNr/vmtp3tCUBsi1t/
JFdy+Y2RvPlj0SuarOyK88OAQ2Nu8vJUfrwk9WsDtXK2ES0nywiAjp4nEJLmDN7N
v/umhDUptBAE8Z6r834hpSNe4s3m29etwbr1ehXk3ZFgtbJbvwDmYRTcgiAzqVk/
4OjjkkRWk9U/LmFsXSo2whuVoR04dNfZT4AL2eaQy8H6NkOylkCP91tRNRafd4sI
hffKw2UkfMfbMb+83KJpQR8QuoEC0Wh5DXQlo7hfp1zsaYxzuh+02PF8x4qF7aNG
vapFa8lucY66Jadwuin4d1RVtQUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTtHvTc
QCtEf+3uVGk17ncWJAPUtjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQBXgqS+VCgwa1t0IHGJIJurKa0K/zn+WWsu4yjJjuxX
oFhIC/T6HJ6VF/YB+g6y3YAaqMkhq9fnlb8kVjcEiv/ntEx3RGhKGFPyzuL5S7bk
2TGGQBADn0HrvtM8QHEEUpHEdVTazDEMLv4XbBNdzDsoDPRNjUwZzzhGPX/a6hLX
I/vJXK8jlWQfGI8yYyoV5l5y3mADZ9vrOC6HBQMKMpiZZf8wvbhc1t2tF7ih+Z5t
wn/9ShwpmdCAQ4pp58sITOfs+T4RmnCzJG4t64glZ0APslc3OQ4tH4bhRn1pWwM2
VCSmyqd5jqy9ilOTKZlHeqaaKM7JZVKsq7fxM0u8FQ7N
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:53:42 2025 by rpki-client